mirror of
https://git.yoctoproject.org/poky
synced 2026-03-03 05:49:39 +01:00
bda51ee782
This vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277 See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6278 (From OE-Core rev: de596b5f31e837dcd2ce991245eb5548f12d72ae) Signed-off-by: Catalin Popeanga <Catalin.Popeanga@enea.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
25 lines
920 B
Bash
25 lines
920 B
Bash
require bash.inc
|
|
|
|
# GPLv2+ (< 4.0), GPLv3+ (>= 4.0)
|
|
LICENSE = "GPLv3+"
|
|
LIC_FILES_CHKSUM = "file://COPYING;md5=d32239bcb673463ab874e80d47fae504"
|
|
|
|
SRC_URI = "${GNU_MIRROR}/bash/${BPN}-${PV}.tar.gz;name=tarball \
|
|
file://execute_cmd.patch;striplevel=0 \
|
|
file://mkbuiltins_have_stringize.patch \
|
|
file://build-tests.patch \
|
|
file://test-output.patch \
|
|
file://cve-2014-6271.patch;striplevel=0 \
|
|
file://cve-2014-7169.patch \
|
|
file://Fix-for-bash-exported-function-namespace-change.patch \
|
|
file://cve-2014-7186_cve-2014-7187.patch \
|
|
file://cve-2014-6277.patch \
|
|
file://cve-2014-6278.patch \
|
|
file://run-ptest \
|
|
"
|
|
|
|
SRC_URI[tarball.md5sum] = "81348932d5da294953e15d4814c74dd1"
|
|
SRC_URI[tarball.sha256sum] = "afc687a28e0e24dc21b988fa159ff9dbcf6b7caa92ade8645cc6d5605cd024d4"
|
|
|
|
BBCLASSEXTEND = "nativesdk"
|